After several delays, the government has finally launched the first national computer emergency response team, CERT-UK, to raise national awareness of cyber incidents and improve response capabilities.
Announced in December 2012 as a key element of government’s £650m cyber security strategy, CERT-UK was initially set to launch by the end of 2013, but later rescheduled for 2014.
Although today is the official launch of CERT-UK and its website, initial operations have been taking place for the past couple of months from an undisclosed location in central London.
Now the CERT is ready to go public as the single point of contact for UK business and other national CERTs on cyber security issues. It was designed based on feedback on all other CERT models.
It also has responsibility for national cyber incident management, handling cyber incidents related to critical national infrastructure, and developing and sharing cyber threat situational awareness.
While UK industry remains responsible for its own cyber security, CERT-UK will step in where incidents are cross-sectoral and require a concerted national response.
The final stages of preparation and first few months of operation have been overseen by Chris Gibson, who was confirmed as the director of CERT-UK in November 2013.
Gibson’s former roles have included director of e-Crime at Citigroup and member of the leadership team of the international Forum of Incident Response and Security Teams (First), with two years as global chair.
More on national CERTs
- US-Cert warns of widespread SQL injection attacks
- US-CERT: hackers are attacking flaw in Microsoft Access
- US-CERT warns of Adobe Shockwave Player threat
- US-CERT warns of new Samsung, Dell printer threat
He is also a member of the British Bankers’ Association (BBA) Cyber Advisory Panel and for 10 years was one of Citigroup’s representatives to the centre for the Protection of National Infrastructure’s Financial Service’s Information Exchange.
As well as collaborating with other government departmental CERTS, CERT-UK will work with local CERTS that have been set up by industry sectors such as financial services and universities.
Another key relationship for CERT-UK will be the cross-industry threat information-sharing portal set up by the UK government‘s Cyber Security Information Sharing Partnership (CISP).
CISP delivers a key component of the UK national cyber security strategy in facilitating information-sharing on cyber threats, and has been integrated into CERT-UK.
The initiative – aimed at making UK businesses more secure in cyberspace – was launched in March 2013 after a pilot scheme involving over 160 companies across five key UK sectors.
CERT-UK plans to use the information-sharing portal to help develop its situational awareness capabilities. The CISP will also be CERT-UK’s main way of interacting with UK business.
Through the CISP, CERT-UK aims to help UK businesses improve their cyber awareness and increase their ability to help themselves.
The CISP has grown to around 1,000 members within its first year, representing about 400 companies. CERT-UK plans to grow membership even further in the coming months.
By bringing situational awareness and incident response teams together, CERT-UK will be able to provide business with the most useful information on how to tackle the threats they face.
The official launch marks the start of the first phase of CERT-UK that is aimed at bringing all of the UK’s cyber security stakeholders under a single umbrella organisation.
By the end of the year, CERT-UK hopes to move to phase two so it can extend existing structures, consolidate relations with international and local CERTS, and grow membership of the CISP.
Nick O’Kelly, head of cyber incidence response at Deloitte, said CERT-UK is launching at a critical time, where the increased threat from cyber attacks are forcing businesses and government to rethink their security and protection strategies.
“The UK needs to work together to protect itself and the creation of a national CERT will facilitate a more co-ordinated and effective response to major cyber incidents.
“It will also provide a capability for the distribution of advice and support from different parts of the public and private sector, as well as internationally,” he said.